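<?php
// Full open tag: with short_open_tag disabled, a file that starts with a bare "<?"
// is not parsed and is sent to the client as text, exposing the source.

// Access gate: only a logged-in recruiter may run the rest of this script.
// isset() plus a strict comparison makes the gate fail closed: a missing or
// non-string session value can never compare equal to 'recruiter'
// (with loose comparison, 0 == 'recruiter' is true before PHP 8).
if(!isset($_SESSION['usertype']) || $_SESSION['usertype'] !== 'recruiter'){
	echo "<script>alert('Just Recruiter Can visit this page.');history.go(-1);</script>";
	exit;
}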


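// Read the posted form fields. Each value is trimmed and escaped for use inside a
// quoted SQL string literal further down the script.
// Array keys are quoted: a bare word such as rc_fname is an undefined constant
// (a notice on PHP 5, a fatal error on PHP 8).
// NOTE(review): mysql_escape_string() does not take the connection character set
// into account and was removed in PHP 7. Prepared statements would be the durable
// fix, but the $DB wrapper's API is not visible here.
$rc_fname = mysql_escape_string(trim($_POST['rc_fname']));
$rc_lname = mysql_escape_string(trim($_POST['rc_lname']));
$rc_email = mysql_escape_string(trim($_POST['rc_email']));
$rc_address1 = mysql_escape_string(trim($_POST['rc_address1']));
$rc_address2 = mysql_escape_string(trim($_POST['rc_address2']));
$rc_state = mysql_escape_string(trim($_POST['rc_state']));
$rc_country = mysql_escape_string(trim($_POST['rc_country']));
$rc_city = mysql_escape_string(trim($_POST['rc_city']));
$rc_phone = mysql_escape_string(trim($_POST['rc_phone']));
$rc_phone2 = mysql_escape_string(trim($_POST['rc_phone2']));
$rc_jobtype = mysql_escape_string(trim($_POST['rc_jobtype']));
$rc_jobindustry = mysql_escape_string(trim($_POST['rc_jobindustry']));
$rc_title = mysql_escape_string(trim($_POST['rc_title']));
$rc_yearexp = mysql_escape_string(trim($_POST['rc_yearexp']));
$rc_edulevel = mysql_escape_string(trim($_POST['rc_edulevel']));
$rc_proflicense = mysql_escape_string(trim($_POST['rc_proflicense']));
$rc_mgmt = mysql_escape_string(trim($_POST['rc_mgmt']));
$rc_profit = mysql_escape_string(trim($_POST['rc_profit']));
$rc_spoken = mysql_escape_string(trim($_POST['rc_spoken']));
$rc_prolang = mysql_escape_string(trim($_POST['rc_prolang']));
$rc_ip = mysql_escape_string(trim($_POST['rc_ip']));
$rc_ussecurity = mysql_escape_string(trim($_POST['rc_ussecurity']));
$rc_authorize = mysql_escape_string(trim($_POST['rc_authorize']));
// NOTE(review): these two are only trimmed, not escaped. $rc_detail is later
// written into the e-mail body, which is presumably why it is kept raw here.
// Any SQL statement that interpolates either value must escape it at the point of use.
$rc_subject = trim($_POST['rc_subject']);
$rc_detail = trim($_POST['rc_detail']);
$rc_comments = mysql_escape_string(trim($_POST['rc_comments']));
$rc_currentpay = mysql_escape_string(trim($_POST['rc_currentpay']));
$rc_desiredpay = mysql_escape_string(trim($_POST['rc_desiredpay']));
$rc_jobsearchstatus = mysql_escape_string(trim($_POST['rc_jobsearchstatus']));
$rc_benefits = mysql_escape_string(trim($_POST['rc_benefits']));
$rc_schoolattend = mysql_escape_string(trim($_POST['rc_schoolattend']));
$rc_describeme = mysql_escape_string(trim($_POST['rc_describeme']));
$rc_favoriatebook = mysql_escape_string(trim($_POST['rc_favoriatebook']));
$rc_highachieve = mysql_escape_string(trim($_POST['rc_highachieve']));
$rc_iplan = mysql_escape_string(trim($_POST['rc_iplan']));
$rc_iliketo = mysql_escape_string(trim($_POST['rc_iliketo']));
$rc_personalweb= mysql_escape_string(trim($_POST['rc_personalweb']));
$rc_prvemployer= mysql_escape_string(trim($_POST['rc_prvemployer']));
$rc_prvempstatus= mysql_escape_string(trim($_POST['rc_prvempstatus']));
$rc_professavilable= mysql_escape_string(trim($_POST['rc_professavilable']));
$rc_private= mysql_escape_string(trim($_POST['rc_private']));
$rc_sponsorship = mysql_escape_string(trim($_POST['rc_sponsorship']));
// The job id is request-controlled and is concatenated into several queries
// (the lookup just below and the inserts later in the script), so it is escaped
// like every other field instead of being used raw.
$jid = mysql_escape_string(trim($_POST['jid']));

// Load the job this response refers to; $rs supplies jo_uid and jo_title later on.
// NOTE(review): the result is never checked, so an unknown job id still flows into
// the contact insert and the outgoing mail further down — confirm that is intended.
$rs = $DB->fetch_one_array("SELECT * FROM pa_job WHERE `jo_id` ='" . $jid."'");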

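// Optional attachment upload.
// $file (an SQL fragment spliced into the UPDATE further down) and $filename1 are
// initialised explicitly so that they always hold a value this script produced,
// never an undefined or externally injected one.
$file      = '';
$filename1 = '';
if(isset($_FILES['uploadfile']) && $_FILES['uploadfile']['name']!=''){
	// upfile is a project class; the second argument looks like an extension
	// allow-list and maxsize like a byte limit — confirm against the class.
	// NOTE(review): the file is stored before the checkFormSubmit() test that guards
	// the rest of the processing, and the target is a relative path that is
	// presumably web-reachable. Confirm that upfile generates the stored name itself
	// and that the directory cannot execute or serve uploaded content as script.
	$f = new upfile("./uploadfiles/contact/","pdf,doc,rar,zip,txt");
	$f->maxsize = "10000000";
	if($f->upload("uploadfile")){
		$filename1 = $f->savename;
		// The stored name ends up inside an SQL string literal, so escape it.
		$file = "`re_upload`='" . mysql_escape_string($filename1) . "' ,";
	}
	$tmpFile = $_FILES['uploadfile']['tmp_name'];
}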


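// Handles a submitted response form: creates (or reuses) the contact row, fills it
// from the form fields, records the message in pa_email and e-mails the job owner.
// checkFormSubmit() is defined elsewhere in the project; what it verifies is not
// visible here.
if(!empty($_POST) && checkFormSubmit() === true){

	// Everything below is concatenated into SQL text. Values that reach this point
	// without escaping (session data, database rows, the raw subject/detail, the
	// posted edit id) are escaped here, following the convention the script already
	// uses for the rc_* fields. Session and database values count too: they may
	// contain quotes and may have originated from user input.
	// NOTE(review): mysql_escape_string() ignores the connection character set and
	// was removed in PHP 7; prepared statements are the durable fix if $DB supports
	// them.
	$sqlUid        = mysql_escape_string($_SESSION['uid']);
	$sqlUserType   = mysql_escape_string($_SESSION['usertype']);
	$sqlUname      = mysql_escape_string($_SESSION['uname']);
	$sqlUserEmail  = mysql_escape_string($_SESSION['useremail']);
	$sqlFromName   = mysql_escape_string($_SESSION['rc_copname']." (".$_SESSION['realname'].")");
	$sqlJobOwner   = mysql_escape_string($rs['jo_uid']);
	// $rc_subject / $rc_detail arrive here trimmed but unescaped.
	$sqlSubject    = mysql_escape_string($rc_subject);
	$sqlDetail     = mysql_escape_string($rc_detail);
	// The message log stores the untrimmed posted text, as before.
	$sqlRawSubject = mysql_escape_string($_POST['rc_subject']);
	$sqlRawDetail  = mysql_escape_string($_POST['rc_detail']);
	// $rc_snoud / $rc_snohd are not assigned anywhere in the visible script; use
	// whatever earlier code set, escaped, and an empty string otherwise.
	$sqlSnoud      = isset($rc_snoud) ? mysql_escape_string($rc_snoud) : '';
	$sqlSnohd      = isset($rc_snohd) ? mysql_escape_string($rc_snohd) : '';
	$sqlResumeFile = isset($filename1) ? mysql_escape_string($filename1) : '';
	// NOTE(review): $jid is interpolated below exactly as the earlier part of the
	// script left it; confirm it is escaped or validated where it is read from $_POST.

	if($_POST['editid']!=''){//recruiter updates an existing contact row
		// NOTE(review): the UPDATE below matches on re_id alone, so the posted id is
		// not tied to the logged-in user. Confirm ownership is enforced (for example
		// by also matching re_uid) before relying on this path.
		$insertid = mysql_escape_string($_POST['editid']);
	}else{
		$sql = "insert into " . $db_prefix . "contact (re_uid,re_aliasid,re_usertype,re_uname,re_regtime,re_updtime) values ('".$sqlUid."','".$jid."','".$sqlUserType."','".$sqlUname."','".time()."','".time()."')";
		$DB->query($sql);
		$insertid = $DB->insert_id();
	}

	//update the contact table
	// $file is an SQL fragment ("`re_upload`='...' ,") built by the upload step, or
	// empty when nothing was uploaded.
	$sql = "UPDATE " . $db_prefix . "contact 
					 SET 
					 ". $file . "
					`re_uname`='".$sqlUname."',
					`re_fname`='" . $rc_fname . "'  ,
					`re_lname`='" . $rc_lname . "'  ,
					`re_email`='" . $rc_email . "' ,
					`re_address1`='" . $rc_address1 . "' ,
					`re_address2`='" . $rc_address2 . "' , 
					`re_lostate`='" . $rc_state . "' ,
					`re_locountry`='" . $rc_country . "',
					`re_locity` ='" . $rc_city . "' , 
					`re_phone1`='" . $rc_phone . "' ,
					`re_phone2`='" . $rc_phone2 . "' , 
					`re_jobtype`= '" . $rc_jobtype . "', 
					`re_jobindustry`='" . $rc_jobindustry . "' ,
					`re_jobtitle`='" . $rc_title . "'  ,
					`re_yearexp`='" . $rc_yearexp . "' ,
					`re_edulevel`='" . $rc_edulevel . "' ,
					`re_snoud`='" . $sqlSnoud . "' ,
					`re_snohd`='" . $sqlSnohd . "' ,
					`re_proflicense`='" . $rc_proflicense . "' ,
					`re_mgmt`='" . $rc_mgmt . "' ,
					`re_profit`='" . $rc_profit . "' ,
					`re_spoken`='" . $rc_spoken . "' ,
					`re_prolang`='" . $rc_prolang . "' ,
					`re_ip`='" . $rc_ip . "' ,
					`re_ussecurity`='" . $rc_ussecurity . "' ,
					`re_authorize`='" . $rc_authorize . "' ,
					`re_subject`='" . $sqlSubject . "' ,
					`re_detail`='" . $sqlDetail . "' ,
					`re_comments`='" . $rc_comments . "',
					`re_currentpay` = '".$rc_currentpay."',
					`re_desiredpay` = '".$rc_desiredpay."',
					`re_jobsearchstatus` ='".$rc_jobsearchstatus."',
					`re_benefits` = '".$rc_benefits."',
					`re_schoolattend` = '".$rc_schoolattend."',
					`re_describeme` = '".$rc_describeme."',
					`re_favoriatebook` ='".$rc_favoriatebook."',
					`re_highachieve` ='".$rc_highachieve."',
					`re_iplan`       = '".$rc_iplan."',
					`re_iliketo`     = '".$rc_iliketo."',
					`re_personalweb` = '".$rc_personalweb."',
					`re_prvemployer` = '".$rc_prvemployer."',
					`re_prvempstatus` = '".$rc_prvempstatus."',
					`re_professavilable`= '".$rc_professavilable."',
					`re_private`= '".$rc_private."',
					`re_sponsorship` = '".$rc_sponsorship."',
					`re_updtime`='".time()."'

					 WHERE re_id = '".$insertid."'" ;
	$DB->query($sql);

	//update the message table
	if($_SESSION['usertype'] == 'recruiter' || $_SESSION['usertype'] == 'candidate'){
		// e_type: 1 for a recruiter sender, 2 for a candidate sender.
		$type = 1;
		if($_SESSION['usertype'] == 'candidate'){
			$type = 2;
		}
		// Look up the recruiter who owns the job; this row is the mail recipient.
		$sql = "SELECT rc_email,rc_fname,rc_lname,rc_copname FROM pa_recuiter WHERE rc_id = '".$sqlJobOwner."'";
		$toRecInfo = $DB->fetch_one_array($sql);

		$sql = "INSERT INTO pa_email (e_sentrcid, e_receivedrcid, e_sendertype,e_receivertype,e_joid, e_type, e_fromemail, e_fromname, e_toemail, e_toname, e_subject, e_content, e_resumefile,e_contactid, e_created) VALUES (
			'".$sqlUid."',
			'".$sqlJobOwner."',
			'".$sqlUserType."',
			'recruiter',
			'".$jid."',
			'".$type."',
			'".$sqlUserEmail."',
			'".$sqlFromName."',
			'".mysql_escape_string($toRecInfo['rc_email'])."',
			'".mysql_escape_string($toRecInfo['rc_copname'])."',
			'".$sqlRawSubject."',
			'".$sqlRawDetail."',
			'".$sqlResumeFile."',
			'".$insertid."',
			'".time()."'
		)";
		$DB->query($sql);
	}

	// Build the HTML mail body in an output buffer.
	// NOTE(review): the posted values are written into an HTML body without HTML
	// encoding, so markup typed into the form reaches the recipient's mail client.
	// Name, e-mail and phone should be HTML-encoded for this context; whether
	// $rc_detail is meant to carry markup cannot be told from here — confirm.
	// The stripslashes() calls presumably compensate for the SQL escaping applied to
	// these variables (or for magic_quotes_gpc) — confirm.
	ob_clean();
	ob_start();

	echo "Name: ".$rc_fname." ".$rc_lname."<br />";
	echo "Email: ".$rc_email."<br />";
	echo "Phone: ".$rc_phone."<br />";
	//echo "Location: ".$rc_city.", ".$state[$rc_state]." ".$country[$rc_country]."<br />";
	//echo "Years of Work Experience: ".$yearexp2[$rc_yearexp]."<br />";
	//echo "Years of People Mgmt Experience: ".$yearexp2[$rc_mgmt]."<br />";
	//echo "Highest Degree: ".$education[$rc_edulevel]."<br />";
	//echo "Schools Attended: ".$rc_schoolattend."<br />";
	//echo "Current Job Title: ".$rc_title."<br />";
	//echo "Current Base Pay: $".$rc_currentpay."<br />";
	//echo "Desired Base Pay: $".$rc_desiredpay."<br />";
	//echo "View this online: http://www.enetrecruiter.com/contactresumeview.php?rid=".$insertid;
	echo "<br />";
	echo "<br />";
	echo "Details: ".stripslashes($rc_detail);

	$reg_data = ob_get_contents();
	ob_end_clean();
	$content    = $reg_data;

	$subject    = $rc_fname." ".$rc_lname." is responding to your job ".$rs["jo_title"];

	require_once("./include/class.phpmailer.php");

	$to       = $toRecInfo['rc_email'];

	$mail=new PHPMailer();

	$mail->IsMail();

	// NOTE(review): From and FromName come from the session and the form, so the
	// message is sent in the submitter's name; confirm the bundled PHPMailer strips
	// line breaks from header values.
	$mail->From     = $_SESSION['useremail'];
	$mail->FromName = $rc_fname." ".$rc_lname;

	$mail->AddAddress($to);
	// Attach only when an upload was actually stored; without this guard the call
	// was made with the bare upload directory as the file path.
	if(isset($filename1) && $filename1 != ''){
		$mail->AddAttachment("./uploadfiles/contact/".$filename1, $filename1);
	}

	$mail->IsHTML(true);
	$mail->Subject = stripslashes($subject);
	$mail->Body = stripslashes($content);

	$mail->CharSet = 'UTF-8';

	// NOTE(review): the return value is ignored, so a failed delivery still shows
	// the success message below.
	$mail->Send();


	if($_POST['editid'] == ''){
//			$joblist = $DB->fetch_one_array("SELECT * FROM pa_job WHERE jo_id = '".$jid."' ");
//			$sql = "INSERT INTO pa_applicant (`app_jobid`,`app_owntype`,`app_ownid`,`app_candidateid`,`app_resumeid`,`app_regtime`) VALUES ('".$jid."','candidate','".$joblist[jo_uid]."','".$_SESSION[uid]."','".$insertid."','".time()."')";
//			$DB->query($sql);

		$err = "<h3 style=\"color:red\">You have submitted successfully!</h3><meta http-equiv=\"refresh\" content=\"3;url=myjobs.php\">";
	}else{
		$err = "<h3 style=\"color:red\">Your changes have been successfully updated!</h3><meta http-equiv=\"refresh\" content=\"3;url=myjobs.php\">";
	}
}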

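// Second pass over the posted fields, run whether or not the form was processed
// above. It overwrites the earlier values (note that $rc_detail becomes SQL-escaped
// here) and adds $rc_usertype, $rc_id and $status.
// Array keys are quoted: a bare word such as rc_fname is an undefined constant
// (a notice on PHP 5, a fatal error on PHP 8).
// NOTE(review): these values are escaped for SQL only. If whatever follows this
// script prints them into HTML (e.g. to refill the form), they need HTML encoding
// at that point — SQL escaping does not protect an HTML context.
$rc_usertype = mysql_escape_string(trim($_POST['rc_usertype']));
$rc_fname = mysql_escape_string(trim($_POST['rc_fname']));
$rc_lname = mysql_escape_string(trim($_POST['rc_lname']));
$rc_email = mysql_escape_string(trim($_POST['rc_email']));
$rc_address1 = mysql_escape_string(trim($_POST['rc_address1']));
$rc_address2 = mysql_escape_string(trim($_POST['rc_address2']));
$rc_state = mysql_escape_string(trim($_POST['rc_state']));
$rc_country = mysql_escape_string(trim($_POST['rc_country']));
$rc_city = mysql_escape_string(trim($_POST['rc_city']));
$rc_phone = mysql_escape_string(trim($_POST['rc_phone']));
$rc_phone2 = mysql_escape_string(trim($_POST['rc_phone2']));
$rc_jobtype = mysql_escape_string(trim($_POST['rc_jobtype']));
$rc_jobindustry = mysql_escape_string(trim($_POST['rc_jobindustry']));
$rc_title = mysql_escape_string(trim($_POST['rc_title']));
$rc_yearexp = mysql_escape_string(trim($_POST['rc_yearexp']));
$rc_edulevel = mysql_escape_string(trim($_POST['rc_edulevel']));
$rc_proflicense = mysql_escape_string(trim($_POST['rc_proflicense']));
$rc_mgmt = mysql_escape_string(trim($_POST['rc_mgmt']));
$rc_profit = mysql_escape_string(trim($_POST['rc_profit']));
$rc_spoken = mysql_escape_string(trim($_POST['rc_spoken']));
$rc_prolang = mysql_escape_string(trim($_POST['rc_prolang']));
$rc_ip = mysql_escape_string(trim($_POST['rc_ip']));
$rc_ussecurity = mysql_escape_string(trim($_POST['rc_ussecurity']));
$rc_authorize = mysql_escape_string(trim($_POST['rc_authorize']));
$rc_detail = mysql_escape_string(trim($_POST['rc_detail']));
$rc_comments = mysql_escape_string(trim($_POST['rc_comments']));
$rc_currentpay = mysql_escape_string(trim($_POST['rc_currentpay']));
$rc_desiredpay = mysql_escape_string(trim($_POST['rc_desiredpay']));
$rc_jobsearchstatus = mysql_escape_string(trim($_POST['rc_jobsearchstatus']));
$rc_benefits = mysql_escape_string(trim($_POST['rc_benefits']));
$rc_schoolattend = mysql_escape_string(trim($_POST['rc_schoolattend']));
$rc_describeme = mysql_escape_string(trim($_POST['rc_describeme']));
$rc_favoriatebook = mysql_escape_string(trim($_POST['rc_favoriatebook']));
$rc_highachieve = mysql_escape_string(trim($_POST['rc_highachieve']));
$rc_iplan = mysql_escape_string(trim($_POST['rc_iplan']));
$rc_iliketo = mysql_escape_string(trim($_POST['rc_iliketo']));
$rc_personalweb= mysql_escape_string(trim($_POST['rc_personalweb']));
$rc_prvemployer= mysql_escape_string(trim($_POST['rc_prvemployer']));
$rc_prvempstatus= mysql_escape_string(trim($_POST['rc_prvempstatus']));
$rc_professavilable= mysql_escape_string(trim($_POST['rc_professavilable']));
$rc_private= mysql_escape_string(trim($_POST['rc_private']));
// Id of the contact row being edited, taken from the posted editid.
$rc_id = mysql_escape_string(trim($_POST['editid']));
$status = 1;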

?>